-
Notifications
You must be signed in to change notification settings - Fork 594
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(gateway-api): verify TLS/TCPRoute is accepted before pushing to Gateway #3226
Conversation
As for the UDP issue: I'm personally in favor of postponing this (unless we have a strong desire to include this in 2.8). Reason being that the fix might take some time and be more involved (although I can be convinced otherwise). |
Yup, I also think that will be the most reasonable approach. Adding the UDP publish service, adapting helm charts for that and testing properly might take some time. |
What this PR does / why we need it:
Fixes lack of verifying if TLS/TCPRoutes are accepted by the Gateway before proceeding with provisioning. It effectively enables GEP-957 port matching for them -- without that even when a Route doesn't match any Listener, it will be provisioned in Kong Gateway, which is incorrect.
It also improves populating
ListenerStatus.SupportedKinds
by deriving kinds from listener's protocol orAllowedRoutes.Kinds
.Which issue this PR fixes:
Part of #2709.
Special notes for your reviewer:
UDPRoute is left with no modifications due to a lack of possibility to specify two separate publish services for TCP and UDP (see #2544), which is blocking passing the existing integration tests. The default "publish service" (
ingress-controller-kong-proxy
LoadBalancer) exposes all its ports as TCP ones (including the9999
which is meant to be UDP). Due to that, it falls into this case where Listener is marked as not ready due to a missingUDP
port.We may decide to:
ingress-controller-kong-udp
LoadBalancer as its Unmanaged Gateway publish service,PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR